Home > Articles > Security > General Security and Privacy

This chapter is from the book

Learning to Like New Things

The advertising community knows that we are interested in the likes and dislikes of celebrities and they use that knowledge to try to convince us that we enjoy a new movie, a new athletic shoe, or a new cosmetic. We know that buying a Kobe Bryant branded basketball shoe does not give us the extraordinary abilities of Kobe Bryant, but we buy the shoes with the hope that this time, despite past experience, the magic will happen and we will make that fabulous shot.

We also know that buying Martha Stewart paint colors and re-painting the dining room does not make our home eligible to be used in a magazine photograph, but a lot can be said for the feeling of accomplishment we get from executing such a plan. And the paint manufacturer is pleased that we choose his brand of paint from that store rather than some other brand of paint from some other store or no brand at all because it would not otherwise have occurred to us to paint the dining room.

We accept the practice of the Kobe Bryant billboard or the Martha Stewart advertising insert in the Sunday newspaper. However, what if the advertiser knew more about what you are interested in? What if instead of seeing a broadcast commercial with Tiger Woods suggesting that a Buick is the new car for you, you could get information about the exact kind of car you wanted to know more about? Or in your mailbox you found a brochure describing a book you really wanted, complete with ordering form? And your neighbor didn't get that brochure, but instead received a brochure describing a new gardening tool that she really wanted.

That's target marketing. If you are a businessperson who is trying to sell something, you can see how enticing it would be.

Knowing Your Customer

In business, the idea is to provide a service or a product to the people who want it at more than it costs to provide the service or produce the product. We do this to provide for the sustenance of our families and ourselves. Ever since we gathered together in living units larger than the family and developed a method of measuring the value of people's contributions to society (that is, money), this is what we all strive toward. We want to make sure that our families are well cared for, that we have athletic shoes and clothing for school, books to read, whatever is important for each of our living situations.

When the society that people participated in seemed smaller (like a village or small town), and when the products were bread from the local baker or milk from the local dairy farmer, exchanging money for products was relatively simple. The baker or the dairy farmer was well known in his or her market area. People liked the product and purchased it or the baker or the dairy farmer changed the product or went out of business. In a smaller-scale society, people could band together to support one another in hard times. If the baker's supplies were affected by drought (or overabundance), people would know and could change their purchasing patterns to help. They would accept higher prices or buy less bread, so there would be enough to go around. And the community—the baker's market—would want to do this because everyone understood that if the baker went out of business, there would be no baker now or even when things got good again.

The market was not a concept that was discussed much. And it probably wasn't studied too much, either. It just was. The market was a geographical place where people gathered to buy and sell necessities. You could tell what was for sale and who was selling it, just by being there. Because you knew your neighbor, you could decide if the quality of his product was good enough to pay the asking price. Perhaps you negotiated a lower price. Perhaps you traded your product for his product. If you didn't like the product, you could speak to your neighbor about it. Perhaps he would make some arrangement with you to keep you happy. Perhaps he didn't care if you were happy. But you had the power of word of mouth to defend your point of view. You could tell others your story. If the seller felt cheated, he could tell his side. The market would know of the dispute and people could act accordingly.

Society didn't stay static, though. It grew. When it grew so that the market was larger than we could see, it was no longer necessary or even possible to take some of the products and services to a central geographical location. Then people could no longer touch and feel the products and decide if they wanted them. When it became difficult to gather and discuss the product offerings on Market Day, we discovered new kinds of marketing.

We got advertising. Advertising informs you about the availability of a product: who made it, where you can get it, and what it might cost. We can imagine that the first advertiser probably painted something on a cloth to hang over a booth in a marketplace. As more and more banners were hung (figuratively, of course), the size, shape, color, and so on of the cloth banners changed. Each new idea escalating the concept, until a cacophony of banners was reached and you could no longer tell what products were available where.

At that time businesspeople employed barkers to shout about their wares or drummers to attract attention. Business people have always been concerned about attracting attention to the availability of a product.

Finding people who are interested in chocolate chip cookies is easier if you are selling them right from the oven in a shopping mall than it is if you are trying to sell them across the Internet. Buyers in a shopping mall are tempted by the wonderful odor of warm cookies and know that, for a relatively small amount of money, they can instantly gratify their desire for a warm cookie. Buyers over the Internet have to plan ahead, find a source of cookies, fill-out forms, pay, and wait for shipping and delivery. Clearly some kinds of products are a bit easier to sell in person. The potential marketplace of the Internet is much larger than the shopping mall, however. And that makes it a desirable marketplace for an expanding business.

The Internet is also a good marketplace for products that are entirely digital, like music recordings or images. Because they aren't tangible (until perhaps, after delivery) the place that sells them needn't be tangible either.

But among the millions of people who can be connected to the Internet, how do you find your potential customers? You have to know enough about those customers to tell them the story that sells—that describes your product as exactly the right match for their needs. You have to collect and analyze data. How do you do that?

Many business people feel that the processes collectively known as personalization are the answer.

What is Personalization?

Personalization is the automated process that tries to predict what the user wants next and presents it. The perfect implementation would be presenting the right content at the right time, every time.

Businesses use a number of techniques to try to produce that perfect implementation. Some of the techniques are simple ideas in complex implementations: keep track of what the customer did in previous visits and make guesses about what the customer does next. That's what Amazon.com's Recommendations process does.

Some sites use intricate processing that reviews the actions you have just performed on the Web site and tries to present what you find most pleasing. The successful business uses a number of tools to engage in interactions with the user. The following list presents 10 reasons businesses might want to engage in personalization:

  1. Provides the customer with convenience and save his or her time.

  2. Allows the vendor to become a trusted source, building loyalty, customer retention and sales.

  3. Enables a comprehensive, integrated, and intelligent customer communication strategy.

  4. Allows the vendor to proactively present the customer with contextually relevant offers creating the potential to transact with each and every customer.

  5. Provides a 360-degree view of the customer relationship, helping to better understand customer needs and habits.

  6. Allows the vendor to focus on retention rather than acquisition, which is much more cost effective and dramatically increases customer lifetime value.

  7. Offers faster and more accurate response rates to measure future sales.

  8. Provides up-sell and cross-sell opportunities, driving additional revenue.

  9. Creates a competitive advantage, building barriers of entry for new businesses.

  10. Allows a more cost-effective way of doing business, improving sales and customer satisfaction.

Source: Software and Information Industry Association eBusiness Division Whitepaper: Connect with your Customers

Electronic and Internet tools are among the important tools being sought to help businesses solve their problems. These include tools that help keep track of customer interactions (generally called eCRM or Customer Relationship Management tools). Also included are tools known as ERP or Enterprise Resource Planning tools. Additionally, tools that help manage relationships among partners and affiliated organizations are much sought after. All these tools are data-based. This means that people collect the information, organize it so that it can be manipulated, and many uses can be made of it.

An eCRM system, for example, makes it possible for your Airline mileage club to keep track of your miles for you. Using the telephone number you are calling from makes it possible for the person answering your technical support call to have a screen in front of them with all the relevant information about you and your purchase in front of them when they answer the phone.

Now, if you are a member of a mileage program, you know that it is a loyalty marketing program. Because you are a continuing customer, you get the reward. The reward the airline gets is your continued patronage and a lot of information about your travel preferences. These travel preferences help them plan, so they can provide better service where it is needed.

The technical support person can do a better job of answering your questions if she has information about the make and model of your computer and the program you are trying to run. If she doesn't have this information at the beginning of the call, she has to take the time to ask you about it and you need to supply it. It is more convenient for both of you if she has access to information you have already provided to the company.

The following are two reasons for personalization from the individual's point of view:

  1. Saves me time by going directly to what I want to see, making it easier for me to find things.

  2. Helps me communicate with the business because all my information is in one place.

That's really it. Convenience.

How much are you willing to pay for convenience?

Businesses are willing to pay quite a lot to try to provide convenience for you because it is much less expensive to keep you as a current customer than it is to find a new customer. If you are not pleased with your service, if you find the Web site hard to use, or even just awkward, you do not go back.

The personalized relationship between you and a business is based upon knowledge and trust. When we shopped at local pharmacies, we knew the pharmacist and expected that he would do the best possible job of fulfilling our prescriptions. We could count on a warning about not mixing this drug with some other drug the pharmacist knew we were taking. We relied on the pharmacist not to talk about our prescriptions to anyone else.

Our local drugstore maintained records in our name that included our address and telephone number, the doctors who prescribed our medicine, the types of medicine and the quantities, how many refills were allowed, and so on. We felt safe with those records stored there because we trusted the people and the process. Later, medical insurance providers and other organizations had to be extended our trust so that we could receive insurance benefits.

Now we need to decide if we can further extend that trust to online pharmacies, to online bookstores, or to online shoe stores. Because the currency of personalized convenience is the sharing of information about ourselves.

Finding That Important Book

Most of you are familiar with the online store, Amazon.com, and the various features that are intended to make it easier for you to find and purchase what you want.

The recommendations feature, for example, is based upon what was purchased before by the currently signed in online identity. So, if you bought a book published in 1901 about equitation (the art of riding horses in specific ways) and some Romance novels by Jo Beverley and some technical books about database programming, you are likely to get a rather wide array of recommended material. This will be especially true if you purchased music as a present for someone else as well as your mother's favorite movies to send her a gift.

The search feature is one you may not have employed. If you are looking for a specific item, say a no longer stocked novel by Lynn Kerstan, you might be disappointed because no one is offering it for sale, new or used. But at Amazon.com you can put in a request and store it for the pre-order service. This service compares the stored requests to the new arrivals among the many dealers in the Amazon.com affiliated network. If the book you want is offered for sale by one of the dealers, Amazon.com will forward your order and the dealer can charge your credit card and ship you the book.

This service requires that you trust Amazon.com with your credit card number, shipping information, and the title of the book you want to buy. You must also trust that Amazon.com will not charge you for the item before it is available—or charge to your card without your authorization. (As part of the request process, you supply the amount of money you are willing to pay for your desired item.) You also trust that Amazon.Com will not give that information to someone other than the merchant/dealer who offers your item for sale. That's a lot of trust.

But it's worth it!

Just read this story. Glee's friend Bill was seeking the book, On Thermonuclear War, by Herman Kahn. Greenwood Press published the second edition of this book in 1978, and the book really is difficult to find now. Our friend had been looking for a long time because he wanted to read the book and because he had a personal connection to the work: his mother had helped Herman Kahn in preparing the original manuscript. The book itself is difficult to read and it can't have been a popular book. It is a scholarly study of the scenarios of nuclear war, and it probably wasn't going to turn up in the 'normal' used book channels.

But it is listed in Amazon.Com's database. So, Bill filled out the form and forgot about it.

Fortunately, a dealer offered the book for sale, and Bill is now the proud owner of the book his mother worked on. Since the dealer operated far away from Bill's residence, Bill was really, really pleased with the personalized service. He would never have been able to find that copy without it.

"Our vision is that if we have 20 million customers, we should have 20 million stores."

—Jeff Bezos, CEO, Amazon.com

Unless a business knows that you are a current customer, it cannot provide you with information based on your previous transactions. Unless a business knows you prefer classical music, it might show you gangsta rap.

Consider the difference in the information you can receive from a financial institution's Web site if you are a current customer or a prospective one. If you have an account with a bank, you can probably sign on through a process like the one shown in Figure 3.5 and you can check your account balance. You can probably ask your bank to make an electronic payment to a creditor. If you don't have an account at that bank, you are only shown information about services you might want to use, like those shown in Figure 3.6. And this is appropriate. We don't want to have our account information shown to unauthorized people.

Figure 3.5 The Sign-on screen for Wells Fargo Electronic Banking Customers.

Figure 3.6 The general Wells Fargo page.

The importance of identification and authorization are apparent to you when we discuss financial transactions. In personalized interactions, the same process must take place, although in many instances the sign-in process isn't as secure or as formal. The recognition process might be as simple as reading a cookie-file written to your disk from a previous visit. Or it might involve a sign-on process that "connects you" to the profile you built during one or more visits to a Web site. See the difference between the opening screen for Amazon.com if you don't have the cookie-file stored on your computer (see Figure 3.7) and the one you see after you've signed in (see Figure 3.8).

Figure 3.7 The general opening page for Amazon.com.

Figure 3.8 Glee's recommendations in early July 2001.


Some people complain about their recommendations from Amazon.com. If you bought a book on equitation for a friend and you never intend to buy another one, receiving information about new books on riding horses will annoy you. You can actually control this by going to your recommendations page and "grading" the choices. You can remove certain kinds of recommendations from your list without making the list useless. Or, of course, you can just ignore them.

Amazon.com personalized recommendations really enlist our cooperation. We can look at each item on our recommendation list and rate its relevance to our preferences. We can even tell Amazon.com that we own material that we didn't buy from them. This is truly cooperation between merchant and customer.

Providing You with Personal Service

Anytime you set up an account or sign-on name with a Web site, you are giving the Web site the capability to track what you do, at least on that site, and helping them provide you information based on preference that you give them. You may give the information explicitly by filling in a form or implicitly by providing a sign-on name that enables them to correlate any movement on that site to your sign-on name.

If you provide information to receive a service, you should assume that that information is saved and that it is used by itself or in combination with other information to try to provide you with information you want.

For example, if you visit the Excite home page at http://www.excite.com (see Figure 3.9) you see several places where you can supply information to change your experience. For instance, if you want a horoscope, you need to supply a date of birth. If you want to know about your local weather, you need to supply the zip code. You have now trusted the Web site with your zip code and your birth date.

Figure 3.9 The Excite home page.

Furthermore, if you want to change the appearance of the Excite page when you visit, you can set preferences that are remembered and used each time you sign-in. In Figure 3.10 you can see the information that is collected when you set the preferences.

Figure 3.10 The Excite Preferences page.

With this information, it would be possible for Excite to combine the information you gave them with the information about what you looked at on their Web site and produce a very detailed profile about you. The Excite Privacy Policy explicitly outlines the information Excite collects and what they do with that information. This Privacy Policy, the beginning of which is illustrated in Figure 3.11, is a good one to read to understand possible uses of personal information. This policy gives you the chance to make up your own mind if the benefit you receive from disclosing information about yourself actually is worth the cost to you.

Figure 3.11 The Excite Privacy Policy page.

InformIT Promotional Mailings & Special Offers

I would like to receive exclusive offers and hear about products from InformIT and its family of brands. I can unsubscribe at any time.


Pearson Education, Inc., 221 River Street, Hoboken, New Jersey 07030, (Pearson) presents this site to provide information about products and services that can be purchased through this site.

This privacy notice provides an overview of our commitment to privacy and describes how we collect, protect, use and share personal information collected through this site. Please note that other Pearson websites and online products and services have their own separate privacy policies.

Collection and Use of Information

To conduct business and deliver products and services, Pearson collects and uses personal information in several ways in connection with this site, including:

Questions and Inquiries

For inquiries and questions, we collect the inquiry or question, together with name, contact details (email address, phone number and mailing address) and any other additional information voluntarily submitted to us through a Contact Us form or an email. We use this information to address the inquiry and respond to the question.

Online Store

For orders and purchases placed through our online store on this site, we collect order details, name, institution name and address (if applicable), email address, phone number, shipping and billing addresses, credit/debit card information, shipping options and any instructions. We use this information to complete transactions, fulfill orders, communicate with individuals placing orders or visiting the online store, and for related purposes.


Pearson may offer opportunities to provide feedback or participate in surveys, including surveys evaluating Pearson products, services or sites. Participation is voluntary. Pearson collects information requested in the survey questions and uses the information to evaluate, support, maintain and improve products, services or sites, develop new products and services, conduct educational research and for other purposes specified in the survey.

Contests and Drawings

Occasionally, we may sponsor a contest or drawing. Participation is optional. Pearson collects name, contact information and other information specified on the entry form for the contest or drawing to conduct the contest or drawing. Pearson may collect additional personal information from the winners of a contest or drawing in order to award the prize and for tax reporting purposes, as required by law.


If you have elected to receive email newsletters or promotional mailings and special offers but want to unsubscribe, simply email information@informit.com.

Service Announcements

On rare occasions it is necessary to send out a strictly service related announcement. For instance, if our service is temporarily suspended for maintenance we might send users an email. Generally, users may not opt-out of these communications, though they can deactivate their account information. However, these communications are not promotional in nature.

Customer Service

We communicate with users on a regular basis to provide requested services and in regard to issues relating to their account we reply via email or phone in accordance with the users' wishes when a user submits their information through our Contact Us form.

Other Collection and Use of Information

Application and System Logs

Pearson automatically collects log data to help ensure the delivery, availability and security of this site. Log data may include technical information about how a user or visitor connected to this site, such as browser type, type of computer/device, operating system, internet service provider and IP address. We use this information for support purposes and to monitor the health of the site, identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents and appropriately scale computing resources.

Web Analytics

Pearson may use third party web trend analytical services, including Google Analytics, to collect visitor information, such as IP addresses, browser types, referring pages, pages visited and time spent on a particular site. While these analytical services collect and report information on an anonymous basis, they may use cookies to gather web trend information. The information gathered may enable Pearson (but not the third party web trend services) to link information with application and system log data. Pearson uses this information for system administration and to identify problems, improve service, detect unauthorized access and fraudulent activity, prevent and respond to security incidents, appropriately scale computing resources and otherwise support and deliver this site and its services.

Cookies and Related Technologies

This site uses cookies and similar technologies to personalize content, measure traffic patterns, control security, track use and access of information on this site, and provide interest-based messages and advertising. Users can manage and block the use of cookies through their browser. Disabling or blocking certain cookies may limit the functionality of this site.

Do Not Track

This site currently does not respond to Do Not Track signals.


Pearson uses appropriate physical, administrative and technical security measures to protect personal information from unauthorized access, use and disclosure.


This site is not directed to children under the age of 13.


Pearson may send or direct marketing communications to users, provided that

  • Pearson will not use personal information collected or processed as a K-12 school service provider for the purpose of directed or targeted advertising.
  • Such marketing is consistent with applicable law and Pearson's legal obligations.
  • Pearson will not knowingly direct or send marketing communications to an individual who has expressed a preference not to receive marketing.
  • Where required by applicable law, express or implied consent to marketing exists and has not been withdrawn.

Pearson may provide personal information to a third party service provider on a restricted basis to provide marketing solely on behalf of Pearson or an affiliate or customer for whom Pearson is a service provider. Marketing preferences may be changed at any time.

Correcting/Updating Personal Information

If a user's personally identifiable information changes (such as your postal address or email address), we provide a way to correct or update that user's personal data provided to us. This can be done on the Account page. If a user no longer desires our service and desires to delete his or her account, please contact us at customer-service@informit.com and we will process the deletion of a user's account.


Users can always make an informed choice as to whether they should proceed with certain services offered by InformIT. If you choose to remove yourself from our mailing list(s) simply visit the following page and uncheck any communication you no longer want to receive: www.informit.com/u.aspx.

Sale of Personal Information

Pearson does not rent or sell personal information in exchange for any payment of money.

While Pearson does not sell personal information, as defined in Nevada law, Nevada residents may email a request for no sale of their personal information to NevadaDesignatedRequest@pearson.com.

Supplemental Privacy Statement for California Residents

California residents should read our Supplemental privacy statement for California residents in conjunction with this Privacy Notice. The Supplemental privacy statement for California residents explains Pearson's commitment to comply with California law and applies to personal information of California residents collected in connection with this site and the Services.

Sharing and Disclosure

Pearson may disclose personal information, as follows:

  • As required by law.
  • With the consent of the individual (or their parent, if the individual is a minor)
  • In response to a subpoena, court order or legal process, to the extent permitted or required by law
  • To protect the security and safety of individuals, data, assets and systems, consistent with applicable law
  • In connection the sale, joint venture or other transfer of some or all of its company or assets, subject to the provisions of this Privacy Notice
  • To investigate or address actual or suspected fraud or other illegal activities
  • To exercise its legal rights, including enforcement of the Terms of Use for this site or another contract
  • To affiliated Pearson companies and other companies and organizations who perform work for Pearson and are obligated to protect the privacy of personal information consistent with this Privacy Notice
  • To a school, organization, company or government agency, where Pearson collects or processes the personal information in a school setting or on behalf of such organization, company or government agency.


This web site contains links to other sites. Please be aware that we are not responsible for the privacy practices of such other sites. We encourage our users to be aware when they leave our site and to read the privacy statements of each and every web site that collects Personal Information. This privacy statement applies solely to information collected by this web site.

Requests and Contact

Please contact us about this Privacy Notice or if you have any requests or questions relating to the privacy of your personal information.

Changes to this Privacy Notice

We may revise this Privacy Notice through an updated posting. We will identify the effective date of the revision in the posting. Often, updates are made to provide greater clarity or to comply with changes in regulatory requirements. If the updates involve material changes to the collection, protection, use or disclosure of Personal Information, Pearson will provide notice of the change through a conspicuous notice on this site or other appropriate way. Continued use of the site after the effective date of a posted revision evidences acceptance. Please contact us if you have questions or concerns about the Privacy Notice or any objection to any revisions.

Last Update: November 17, 2020